1995-11-14 - Re: NSA, ITAR, NCSA and plug-in hooks.

Header Data

From: Rich Salz <rsalz@osf.org>
To: ses@tipper.oit.unc.edu
Message Hash: f9fda7b2e9753aef6c57ba0a655b2049d5de9ea81ef75e67fb2be212c28db09f
Message ID: <9511142220.AA13813@sulphur.osf.org>
Reply To: N/A
UTC Datetime: 1995-11-14 22:49:32 UTC
Raw Date: Wed, 15 Nov 1995 06:49:32 +0800

Raw message

From: Rich Salz <rsalz@osf.org>
Date: Wed, 15 Nov 1995 06:49:32 +0800
To: ses@tipper.oit.unc.edu
Subject: Re: NSA, ITAR, NCSA and plug-in hooks.
Message-ID: <9511142220.AA13813@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain

>are specifically designed for the insertion of cryptographic materials, 
>or is it the fact that they could be used to support cryptographic 

Everything is decided on a case-by-case basis.  I was in a meeting
with some NSA export-control people (Dept Z03) and asked a few questions
on this topic trying to nail down the angle of this slipper slope.

Basically, generic buffer-manipulation is okay.  "Keyed compression"
where you explicitly passed something called a key to a DLL routine
would be looked on suspiciously.  An abstract set of open/modify/close
routines (where open returned a pointer to opaque state, say a session
key :) would be fine.  The technical guy quickly grasped that I was
talking about anonymous remailers, but they "conceded" there's nothing
they can do about it.

I say "concede" because that implies more political/control-issues
then were really present at the meeting.